TePA is a technical concept and framework for peer authentication between a terminal and a network, originally developed in China. It defines a tri-element entity authentication architecture that achieves mutual authentication between a user and a network on the basis of peer authentication.
Currently, in wired local area networks, IEEE uses security-enhanced IEEE 802.3 to secure the link layer, including the typical security access protocol IEEE 802.1x and key management protocols based on IEEE 802.1x authentication. The basic method of IEEE 802.1x authentication adds an authentication server alongside the terminal and the access point device; the access point device uses the authentication server to authenticate the identity of the terminal, thereby realizing security access control of the terminal. The access point device directly forwards authentication information between the terminal and the authentication server and does not participate in the identity authentication process as an independent entity. This method lets the network verify the validity of the terminal's identity, but it does not let the terminal verify the validity of the access network's identity, so mutual authentication between the terminal and the network is not achieved. Because the terminal cannot verify the identity of the access point device, security problems such as man-in-the-middle attacks and the terminal accessing an invalid network cannot be avoided, even if security vulnerabilities in this type of security architecture are later remedied by measures such as security patches. This type of security access protocol is still in use, and presents a serious obstacle to the development of the industry.
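The contrast described above, as an added Python sketch that is not part of the original text: a pass-through access point proves nothing to the terminal, while in a three-party arrangement the access point presents its own proof and the server vouches for it to the terminal. HMAC keys stand in for real credentials, and every name here (`Server`, `passthrough`, `tri_element`, the `T1`/`AP1` identifiers) is hypothetical; this is not the TePA message format.

```python
# Simplified model (assumption): shared HMAC keys stand in for real credentials;
# Server is the authentication server and, in the three-party model, vouches for the AP.
import hmac, hashlib, secrets

def mac(key, *parts):
    # Length-prefix each field so different field splits cannot collide.
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Server:
    def __init__(self):
        self.terminal_keys = {}   # terminal id -> key shared with the server
        self.ap_keys = {}         # access point id -> key shared with the server

    def check_terminal(self, tid, challenge, response):
        key = self.terminal_keys.get(tid)
        return key is not None and hmac.compare_digest(mac(key, challenge), response)

    def vouch_for_ap(self, tid, ap_id, nonce, ap_proof):
        # Check the AP's own proof, then report the verdict to the terminal under
        # the terminal's key, bound to the AP identity and the terminal's nonce.
        key = self.ap_keys.get(ap_id)
        ok = key is not None and hmac.compare_digest(mac(key, nonce), ap_proof)
        verdict = b"valid" if ok else b"invalid"
        return verdict, mac(self.terminal_keys[tid], ap_id, nonce, verdict)

def passthrough(server, tid, tkey, relay):
    """Pass-through model: `relay` forwards both messages and proves nothing."""
    challenge = relay(secrets.token_bytes(16))      # server -> AP -> terminal
    response = relay(mac(tkey, challenge))          # terminal -> AP -> server
    return server.check_terminal(tid, challenge, response)

def tri_element(server, tid, tkey, ap_id, ap_key):
    """Three-party model: returns (network accepts terminal, terminal accepts AP)."""
    nonce = secrets.token_bytes(16)                 # terminal -> AP
    ap_proof = mac(ap_key, nonce)                   # AP -> server
    verdict, tag = server.vouch_for_ap(tid, ap_id, nonce, ap_proof)
    genuine = hmac.compare_digest(tag, mac(tkey, ap_id, nonce, verdict))
    challenge = secrets.token_bytes(16)             # server -> terminal
    net_ok = server.check_terminal(tid, challenge, mac(tkey, challenge))
    return net_ok, genuine and verdict == b"valid"

def demo():
    s, seen = Server(), []
    tkey, ap_key, other_key = (secrets.token_bytes(32) for _ in range(3))
    s.terminal_keys[b"T1"], s.ap_keys[b"AP1"] = tkey, ap_key   # constructed sample ids
    unknown_relay = lambda m: seen.append(m) or m   # holds no credential at all
    return (passthrough(s, b"T1", tkey, unknown_relay), len(seen),
            tri_element(s, b"T1", tkey, b"AP1", ap_key),
            tri_element(s, b"T1", tkey, b"AP1", other_key))
```

In the pass-through run the exchange succeeds through a relay that holds no credential, and the terminal has nothing it could check; in the three-party run the terminal rejects an access point whose proof the server does not confirm.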